package org.pro.core.config;

import org.pro.core.authentiction.SmsCodeAuthenticationSecurityConfig;
import org.pro.core.constant.SecurityConstants;
import org.pro.core.properties.SecurityProperties;
import org.pro.core.validateCode.ValidateCodeFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

/**
 * 总的springSecurity配置，后续已拆分，此文件已弃用
 * @author luoqiz
 *
 */
//@EnableWebFluxSecurity
//@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter{

	@Autowired
	private SecurityProperties securityProperties;
	
	@Autowired
	private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
	
	@Autowired
	private MyAuthenticationfailedHandler myAuthenticationfailedHandler;
	
	@Autowired
	private javax.sql.DataSource dataSource;
	
	@Autowired
	private UserDetailsService userDetailsService;
	@Autowired
	private SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;
	
	@Autowired
	private ValidateCodeFilter validateCodeFilter;
	/**
	 * 声明一个密码加密器
	 * @return
	 */
	@Bean
	public PasswordEncoder passwordEncoder() {
		return new BCryptPasswordEncoder();
	}
	
	/**
	 * 声明记住我的数据获取来源
	 * @return
	 */
	@Bean
	public PersistentTokenRepository persistentTokenRepository() {
		JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
		tokenRepository.setDataSource(dataSource);
		return tokenRepository;
	}
	
	/**
	 * 自定义配置
	 */
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		
		http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class)
			.formLogin()   //认证方式：表单
				.loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
				.loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM) //指定未认证时的login页面、以及form表单处理的url
				.successHandler(myAuthenticationSuccessHandler)
				.failureHandler(myAuthenticationfailedHandler)
				.and()
			.rememberMe()
				.tokenRepository(persistentTokenRepository())  //获取cookie
				.tokenValiditySeconds(securityProperties.getBrowser().getRememberExpire())  //设置过期时间
				.userDetailsService(userDetailsService)  //获取到user对象后的服务
				.and()
			.authorizeRequests()		
			.antMatchers("/auth/**","/webjars/**","/index*","/css/**","/js/**",securityProperties.getBrowser().getLoginUrl()).permitAll() //指定匹配的路径不需要认证即可访问
			.anyRequest().authenticated()		//拦截所有请求需要认证，需要注意的是此处和shiro的拦截机制一致，由上至下依次匹配，当找到第一个匹配时就返回其值
			.and()
			.csrf().disable() //开启跨域访问
			.apply(smsCodeAuthenticationSecurityConfig);
	}
	/**
	 * 认证信息
	 * @param auth
	 * @throws Exception
	 */
	/*@Autowired
	private void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {

		auth.inMemoryAuthentication().withUser("luoqiz").password("123456").roles("ADMIN");
	}*/
}
